Voyageur's cornerhttp://blog.cafarelli.fr
Dammit Jim, I'm a developer, not a doctor.Tue, 29 Nov 2016 14:09:36 +0000en-UShourly1https://wordpress.org/?v=4.7Service Function Chaining demo with devstackhttp://blog.cafarelli.fr/2016/11/service-function-chaining-demo-with-devstack/
http://blog.cafarelli.fr/2016/11/service-function-chaining-demo-with-devstack/#respondTue, 29 Nov 2016 14:09:36 +0000http://blog.cafarelli.fr/?p=505Continue reading "Service Function Chaining demo with devstack"]]>After a first high-level post, it is time to actually show networking-sfc in action! Based on a documentation example, we will create a simple demo, where we route some HTTP traffic through some VMs, and check the packets on them with tcpdump:

This will be hosted on a single node devstack installation, and all VMs will use the small footprint CirrOS image, so this should run on “small” setups.

Installing the devstack environment

On your demo system (I used Centos 7), check out devstack on the Mitaka branch (remember to run devstack as a sudo-capable user, not root):

Grab my local configuration file that enables the networking-sfc plugin, rename it to local.conf in your devstack/ directory.
If you prefer to adapt your current configuration file, just make sure your devstack checkout is on the mitaka branch, and add the SFC parts:# SFCenable_plugin networking-sfc https://git.openstack.org/openstack/networking-sfcSFC_UPDATE_OVS=False

Then run the usual “./stack.sh” command, and go grab a coffee.

Deploy the demo instances

To speed this step up, I regrouped all the following items in a script. You can check it out (at a tested revision for this demo):[stack@demo ~]$ git clone https://github.com/voyageur/openstack-scripts.git -b sfc_mitaka_demo

I highly recommend to read it, it is mostly straightforward and commented, and where most of the interesting commands are hidden. So have a look, before running it:[stack@demo ~]$ ./openstack-scripts/simple_sfc_vms.shWARNING: setting legacy OS_TENANT_NAME to support cli tools.
Updated network: privateCreated a new port:
[...]route: SIOCADDRT: File existsWARN: failed: route add -net "0.0.0.0/0" gw "192.168.0.1"
You can safely ignore the route errors at the end of the script (they are caused by duplicate default route on the service VMs).

Remember, from now on, to source the credentials file in your current shell before running CLI commands:[stack@demo ~]$ source ~/devstack/openrc demo demo

These devices names follow the tap<port ID first 10 digits> pattern, so for example tap897df85a-26 is the associated for the p1in port here

See SFC in action

In this example we run a request loop from client_vm to dest_vm (remember to use the IP addresses found in the previous section):[stack@demo ~]$ ssh cirros@10.0.0.9$ while true; do curl 10.0.0.10; sleep 1; doneWelcome to dest-vmWelcome to dest-vmWelcome to dest-vm[...]

So we do have access to the web server! But does the packets really go through the service VMs? To confirm that, in another shell, run tcpdump on the tap interfaces:

Where to go from here

Between these examples, the commands used in the demo script, and the documentation, you should have enough material to try your own commands! So have fun experimenting with these VMs.

Note that in the meantime we released the Newton version (3.0.0), which also includes the initial OpenStackClient (OSC) interface, so I will probably update this to run on Newton and with some shiny “openstack sfc xxx” commands. I also hope to make a nicer-than-tcpdumping-around demo later on, when time permits.

]]>http://blog.cafarelli.fr/2016/11/service-function-chaining-demo-with-devstack/feed/0What is “Service Function Chaining”?http://blog.cafarelli.fr/2016/11/what-is-service-function-chaining/
http://blog.cafarelli.fr/2016/11/what-is-service-function-chaining/#respondMon, 07 Nov 2016 16:59:02 +0000http://blog.cafarelli.fr/?p=496Continue reading "What is “Service Function Chaining”?"]]>This is the first article in a series about Service Function Chaining (SFC for short), and its OpenStack implementation, networking-sfc, that I have been working on.

The SFC acronym can easily appear in Software-defined networking (SDN), in a paper about Network function virtualization (NFV), in some IETF documents, … Some of these broader subjects use other names for SFC elements, but this is probably a good topic for another post/blog.
If you already know SFC elements, you can probably skip to the next blog post.

Definitions

The delivery of end-to-end services often requires various service functions. These include traditional network service functions such
as firewalls and traditional IP Network Address Translators (NATs),
as well as application-specific functions. The definition and instantiation of an ordered set of service functions and subsequent
“steering” of traffic through them is termed Service Function
Chaining (SFC).

I see SFC as a higher level of abstraction routing: in a typical network, you route all the traffic coming from Internet through a firewall box. So you set up the firewall system, with its network interfaces (Internet and intranet sides), and add some IP routes to steer the traffic through.
SFC uses the same concept, but with logical blocks: if a packet matches some conditions (it is Internet traffic), force it through a series of “functions” (in that case, only one function: a firewall system). And voilà, you have your Service function chain!

I like this simple comparison as it introduces most of the SFC elements:

service function: a.k.a. “bump in the wire”. This is a transparent system that you want some flows to go through (typical use cases: firewall, load balancer, analyzer).

flow classifier: the “entry point”, it determines if a flow should go through the chain. This can be based on IP attributes (source/dest adress/port, …), layer 7 attributes or even from metadata in the flow, set by a previous chain.

port pair: as the name implies, this is a pair of ports (network interfaces) for a service function (the firewall in our example). The traffic is routed to the “in” port, and is expected to exit the VM through the “out” port. This can be the same port

port chain: the SFC object itself, a set of flow classifiers and a set of port pairs (that define the chain sequence).

An additional type not mentioned before is the port pair group: if you have multiple service functions of an identical type, you can regroup them to distribute the flows among them.

Use cases and advantages

OK, after seeing all these definitions, you may wonder “what’s the point?” What I have seen so far is that it allows:

complex routing made easier. Define a sequence of logical steps, and the flow will go through it.

HA deployments: add multiple VMS in a same group, and the load will be distributed between them.

dynamic inventory. Add or remove functions dynamically, either to scale a group (add a load balancer, remove an analyzer), change functions order, add a new function in the middle of some chain, …

complex classification. Flows can be classified based on L7 criterias, output from a previous chain (for example a Deep-Packet Inspection system).

Going beyond these technical advantages, you can read an RFC that is actually a direct answer to this question: RFC 7498

Going further

To keep a reasonable post length, I did not talk about:

How does networking-sfc tag traffic? Hint: MPLS labels

Service functions may or may not be SFC-aware: proxies can handle the SFC tagging

A recent presentation from the Barcelona summit, describing the current state of the networking-sfc project and upcoming extensions

]]>http://blog.cafarelli.fr/2016/11/what-is-service-function-chaining/feed/0New job and new blog categoryhttp://blog.cafarelli.fr/2016/10/new-job-and-new-blog-category/
Sat, 08 Oct 2016 06:49:15 +0000http://blog.cafarelli.fr/?p=490Continue reading "New job and new blog category"]]>Sorry blog, this announcement comes late for you (I updated sites like Linkedin some time ago), but better late than never!

I got myself a new job in May, joining the Red Hat software developers working on OpenStack. More specifically, I will work mostly on the network parts: Neutron itself (the “networking as a service” main project), but also other related projects like Octavia (load balancer), image building, and more recently Service Function Chaining.

Working upstream on these projects, I plan to write some posts about them, which will be regrouped in a new OpenStack category. I am not sure yet about the format (short popularisation items and tutorials, long advanced technical topics, a mix of both, …), we will see. In all cases, I hope it will be of interest to some people

PS for Gentoo Universe readers: don’t worry, that does not mean I will switch all my Linux boxes to RHEL/CentOS/Fedora! I still have enough free time to work on Gentoo

]]>Nextcloud available in portage, migration thoughtshttp://blog.cafarelli.fr/2016/06/nextcloud-available-in-portage-migration-thoughts/
http://blog.cafarelli.fr/2016/06/nextcloud-available-in-portage-migration-thoughts/#commentsThu, 23 Jun 2016 22:12:25 +0000http://blog.cafarelli.fr/?p=471Continue reading "Nextcloud available in portage, migration thoughts"]]>I think there has been more than enough news on nextcloud origins, the fork from owncloud, … so I will keep this post to the technical bits.

Installing nextcloud on Gentoo

For now, the differences between owncloud 9 and nextcloud 9 are mostly cosmetic, so a few quick edits to owncloud ebuild ended in a working nextcloud one. And thanks to the different package names, you can install both in parallel (as long as they do not use the same database, of course).

So if you want to test nextcloud, it’s just a command away:

# emerge -a nextcloud

With the default webapp parameters, it will install alongside owncloud.

Migrating owncloud data

Nothing official again here, but as I run a small instance (not that much data) with simple sqlite backend, I could copy the data and configuration to nextcloud and test it while keeping owncloud.
Adapt the paths and web user to your setup: I have these webapps in the default /var/www/localhost/htdocs/ path, with www-server as the web server user.

First, clean the test data and configuration (if you logged in nextcloud):

Change all owncloud occurences in config.php to nextcloud (there should be only one, for ‘datadirectory’. And then run the (nextcloud) updater. You can do it via the web interface, or (safer) with the CLI occ tool:

As with “standard” owncloud upgrades, you will have to reactivate additional plugins after logging in. Also check the nextcloud log for potential warnings and errors.

In my test, the only non-official plugin that I use, files_reader (for ebooks) installed fine in nextcloud, and the rest worked as fine as owncloud with a lighter default theme
For now, owncloud-client works if you point it to the new /nextcloud URL on your server, but this can (and probably will) change in the future.

More migration tips and news can be found in this nextcloud forum post, including some nice detailed backup steps for mysql-backed systems migration.

]]>http://blog.cafarelli.fr/2016/06/nextcloud-available-in-portage-migration-thoughts/feed/1Setting USE_EXPAND flags in package.usehttp://blog.cafarelli.fr/2016/02/setting-use_expand-flags-in-package-use/
http://blog.cafarelli.fr/2016/02/setting-use_expand-flags-in-package-use/#commentsFri, 26 Feb 2016 17:32:01 +0000http://blog.cafarelli.fr/?p=453Continue reading "Setting USE_EXPAND flags in package.use"]]>This has apparently been supported in Portage for some time, but I only learned it recently from a gentoo-dev mail: you do not have to write down the expanded USE-flags in package.use anymore (or set them in make.conf)!

For example, if I wanted to set some APACHE2_MODULES and a custom APACHE2_MPM, the standard package.use entry would be something like:

]]>LLVM 3.7.0 released, Gentoo package changeshttp://blog.cafarelli.fr/2015/09/llvm-3-7-0-released-gentoo-package-changes/
http://blog.cafarelli.fr/2015/09/llvm-3-7-0-released-gentoo-package-changes/#commentsWed, 02 Sep 2015 11:53:37 +0000http://blog.cafarelli.fr/?p=415Continue reading "LLVM 3.7.0 released, Gentoo package changes"]]>As announced here, the new LLVM release is now available. If you are interested after reading the release notes (or the clang ones), I just added the corresponding packages in Gentoo, although still masked for some additional testing. mesa-11.0 release candidates compile fine with it though.2015/09/04 edit: llvm 3.7.0 is now unmasked!

On the Gentoo side, this version bump has some nice changes:

We now use the cmake/ninja build system: huge thanks to fellow developer mgorny for his hard work on this rewrite. This is the recommended build system upstream now, and some features will only be available with it

LLDB, the debugger is now available via USE=lldb. This is not a separate package as the build system for llvm and subprojects is quite monolithic. clang is in the same situation: sys-devel/clang package currently does almost nothing, the magic is done in llvm[clang])

These new ebuilds include the usual series of fixes, including some recent ones by gienah

On the TODO list, some tests are still failing on 32bit multilib (bug #558604), ocaml doc compilation/installation has a strange bug (see the additional call on docs/ocaml_doc target in the ebuild). And let’s not forget adding other tools, like polly. Another recent suggestion: add llvm’s OpenMP library needed for OpenMP with clang.

Also, if people were still using the dragonegg GCC plugin, note that it is not released anymore upstream. As 3.6.x versions had compilation problems, this package received its last rites.

]]>http://blog.cafarelli.fr/2015/09/llvm-3-7-0-released-gentoo-package-changes/feed/3Removing old NX packages from treehttp://blog.cafarelli.fr/2015/04/removing-old-nx-packages-from-tree/
http://blog.cafarelli.fr/2015/04/removing-old-nx-packages-from-tree/#commentsThu, 16 Apr 2015 21:30:37 +0000http://blog.cafarelli.fr/?p=371Continue reading "Removing old NX packages from tree"]]>I already sent the last rites announce a few days ago, but here is a more detailed post on the coming up removal of “old” NX packages. Long story short: migrate to X2Go if possible, or use the NX overlay (“best-effort” support provided).2015/04/26 note: treecleaning done!

Affected packages

Basically, all NX clients and servers except x2go and nxplayer! Here is the complete list with some specific last rites reasons:

net-misc/nxclient,net-misc/nxnode,net-misc/nxserver-freeedition: binary-only original NX client and server. Upstream has moved on to a closed-source technology, and this version bundles potientally vulnerable binary code. It does not work as well as before with current libraries (like Cairo).

net-misc/nxserver-freenx, net-misc/nxsadmin: the first open-source alternative server. It could be tricky to get working, and is not updated anymore (last upstream activity around 2009)

Continue using these packages on Gentoo

These packages will be dropped from the main tree by the end of this month (2015/04), and then only available in the NX overlay. They will still be supported there in a “best effort” way (no guarantee how long some of these packages will work with current systems).

So, if one of these packages still works better for you, or you need to keep them around before migrating, just run:

# layman -a nx

Alternatives

While it is not a direct drop-in replacement, x2go is the most complete solution currently in Gentoo tree (and my recommendation), with a lot of possible advanced features, active upstream development, … You can connect to net-misc/x2goserver with net-misc/x2goclient, net-misc/pyhoca-gui, or net-misc/pyhoca-cli.

If you want to try NoMachine’s (the company that created NX) new system, well the client is available in Portage as net-misc/nxplayer. The server itself is not packaged yet, if you are interested in it, this is bug #488334

]]>http://blog.cafarelli.fr/2015/04/removing-old-nx-packages-from-tree/feed/10Switching from GandiBlog/Dotclear2 to WordPress4http://blog.cafarelli.fr/2015/04/switching-from-gandiblogdotclear2-to-wordpress4/
Mon, 13 Apr 2015 06:47:16 +0000http://blog.cafarelli.fr/?p=357Continue reading "Switching from GandiBlog/Dotclear2 to WordPress4"]]>This blog was hosted by GandiBlog since mid-2006. Thanks to the Gandi folks, it has served me well, though it was starting to show its age.

Now I intend to revive this blog, and the first step was to finally move it on my server, switching to WordPress in the process! The rest of this post will detail how I did the switch, keeping the blog content and links.

GandiBlog to self-hosted Dotclear2

GandiBlog’s only export possibility is via a flat text file export (Extensions->Import/Export). An old WordPress plugin exists to import such files, and will likely be the solution you will first find in your favourite search engine. But its last update was some years ago and it does not seem to work with current versions. Instead, I chose to set up a temporary DotClear2 installation on my server, to use the current import plugin in WordPress later.

Installing DotClear is as easy as creating a mysql user/db, unpack the latest 2.x tarball, and follow the installation wizard. No need to tweak configuration our users here, I just logged in the administration panel, imported from the GandiBlog flat file, and I was (mostly) done!

I say mostly, because I fixed 2 things before the WordPress jump. You may not need to do the same, but here they are:

Some blog posts were in wiki style and not in xhtml, and were not converted correctly. As there were only a few of them, I used the”Convert to XML” button available when editing a post. I think tools exist for a mass conversion

Some other posts were in the “Uncategorized” category, and were ignored in the import process. My manual workaround was to set them to a “Other” category I created for the occasion. Again, this can be automated

Dotclear2 to WordPress4

The next step was to set up a new vhost on my server, emerge latest wordpress and install it in this new vhost (no special steps here) .

Once WordPress was basically up and running, I installed the “DotClear2 Importer” plugin, and ran it (it is an additional entry in Tools/Import). Basically it summed up to filling the (dotclear) database connection infos, and hit next button a few times.

Some additional steps to clean the new blog posts:

configure the permalink settings to use “Month and name”. This along with the “Permalink Finder” plugin, allowed me to preserve old links to the blog posts (the plugin deduces the new post URL and redirects to it)

delete the user created by the import, moving all posts to the new user in WordPress (this is a single-user blog)

move back the “Other” category posts to “Uncategorized”

temporarily install “Broken Link Checker” plugin to fix some old/dead links. Some comments had an additional “http://” prefix in URLs, and I fixed them along with updating other real links

And when everything looked good, I could update my DNS entries to the blog

]]>Backporting Apache support for websockets reverse proxy (aka getting GateOne to work behind Apache)http://blog.cafarelli.fr/2013/04/backporting-apache-support-for-websockets-reverse-proxy-aka-getting-gateone-to-work-behind-apache/
http://blog.cafarelli.fr/2013/04/backporting-apache-support-for-websockets-reverse-proxy-aka-getting-gateone-to-work-behind-apache/#commentsThu, 25 Apr 2013 23:04:00 +0000http://blog.cafarelli.fr/?p=272Continue reading "Backporting Apache support for websockets reverse proxy (aka getting GateOne to work behind Apache)"]]>Recently, I have been toying around with GateOne, a web-based SSH client/terminal emulator. However, installing it on my server proved to be a bit challenging: it requires tornado as a webserver, and uses websockets, while I have an Apache 2.2 instance already running with a few sites on it (and my authentication system configured for my tastes)

So, I looked how to configure a reverse proxy for GateOne, but websockets were not officially supported by Apache… until recently! Jim Jagielski added the proxy_wstunnel module in trunk a few weeks ago. From what I have seen on the mailing list, backporting to 2.4 is easy to do (and was suggested as an official backport), but 2.2 required a few additional changes to the original patch (and current upstream trunk).

Basically, the new submodule adds the ‘ws’ and ‘wss’ scheme to the allowed protocols between the client and the backend, so you tell Apache that you’ll be talking ‘ws’ with the backend (same as ajp://whatever sez that httpd will be talking ajp to the backend).

Update 1: a user-friendly howto on how to apply this patch on Ubuntu is now available here

]]>http://blog.cafarelli.fr/2013/04/backporting-apache-support-for-websockets-reverse-proxy-aka-getting-gateone-to-work-behind-apache/feed/3chromium (the web browser) on Gentoo FAQhttp://blog.cafarelli.fr/2009/12/chromium-the-web-browser-on-gentoo-faq/
http://blog.cafarelli.fr/2009/12/chromium-the-web-browser-on-gentoo-faq/#commentsWed, 09 Dec 2009 14:51:00 +0000http://blog.cafarelli.fr/?p=264Continue reading "chromium (the web browser) on Gentoo FAQ"]]>As you’ve probably already heard from one of your favourite sites (slashdot, phoronix, …), Google has just released the first beta-quality version of Google Chrome for Linux. I figured this was as good a time as another to collect and answers a few questions frequently asked on it, or rather on chromium which is the open-source version available in portage

What’s the difference between Google Chrome and Chromium? Well, chromium web site has a nice page summing it up here. So emerging chromium will get you a browser very close to Google Chrome, except the log and a few Google specific report links (the sandbox is enabled in gentoo chromium)

Why does it depend on ffmpeg (and a recent version of it)? For HTML5 audio/video tags support. There is now a USE-flag to disable this dependency if you are on a stable system and do not need this

Where do the source tarballs come from? Are they official ones? I create them manually, based on the SVN dependencies listed for each revision here. And it does take some time (checking out their huge tree, trying to get rid of as much bundled sourcecode as possible, …) For now, I track the developer releases, but may switch to beta releases some time. Especially now that upstream is finally considering making source tarballs available Bug report is here. There is also another bugreport interested people can track, number 28287, which lists all bugs that would make our life easier, “our” as in distrib packagers, read this recent rant by the Fedora packager for chromium. Also interesting to read is Evan’s answer, digging into what is exactly there in the 3rd party folder.

Will google-chrome-bin get in the tree? This is bug #272805. Right now we have chromium-bin, installed from snapshots generated by chromium test farms, with SVN revisions close to the from-source packages. Right now I don’t see a lot of benefits between chromium-bin and official google-chrome (except a shiny logo?), but if that changes I’ll probably add it to tree (in addition to/replacing chromium-bin). Or if another dev decides to add it

So that’s it for the first round of questions, add yours in comments if it’s still unanswered

]]>http://blog.cafarelli.fr/2009/12/chromium-the-web-browser-on-gentoo-faq/feed/4neatx and chromium in portage status updateshttp://blog.cafarelli.fr/2009/09/neatx-and-chromium-in-portage-status-updates/
http://blog.cafarelli.fr/2009/09/neatx-and-chromium-in-portage-status-updates/#commentsWed, 09 Sep 2009 12:05:00 +0000http://blog.cafarelli.fr/?p=263Continue reading "neatx and chromium in portage status updates"]]>Yesterday, I finally found the bug which prevented neatx from working on my system (thanks upstream for the debugging), so in your next portage sync, you’ll find net-misc/neatx-0.3.1_p43 ready for your testing! If you don’t need vnc/sound/printer tunneling or load-balancing, neatx is easier to set up than freenx and works great out-of-the-box. Thanks again to Mike Auty (ikelos) for his work on the ebuild.

Another work-in-progress for me these days is a source ebuild for chromium (open-source version of Google Chrome). A binary version (chromium-bin) has been available in portage for some time now (with amd64 support added recently), but source version ebuild had some problems. Now my current version (available in my overlay for the curious) has fixed most of them, including use of system libraries, makefiles use instead of scons, –as-needed support, … So why is it not yet in portage? Well, for now the tarballs from upstream are not yet available, so you won’t go past the fetch phase These should be available soon, once available you can expect chromium to quickly land in a portage tree near you.

By the way, if chromium crashes at startup for you (either binary or source version), they finally found the cause: you are probably using nvidia-drivers and nvidia opengl (via eselect opengl). However the libGL.so from nvidia overrides dlsym/dlopen (dynamic linker functions) with broken replacements, breaking applications relying on these functions! Chromium devs implemented a workaround, available for -bin in versions >=4.0.208.0_p25708, but expect some breakage in time-related functions. All the gory details are here: http://code.google.com/p/chromium/issues/detail?id=16800

And now to change a bit from technical talks, I wanted to say a big “thank you” to all of you Gentoo users who spend time filing bugreports, fixing, writing or rewriting ebuilds, debugging and finding the cause for all sorts of bugs (finding that some dynamic linkers break with specific video cards for example…), in short to all of you who work to make your distro a better one! And recently, a special thanks to Bernd Lommerzheim, who helps me a lot in proftpd maintenance, up to providing an entirely new ebuild for latest version, with lots of fixes and new features.

]]>http://blog.cafarelli.fr/2009/09/neatx-and-chromium-in-portage-status-updates/feed/8Yet another open-source NX server!http://blog.cafarelli.fr/2009/07/yet-another-open-source-nx-server/
http://blog.cafarelli.fr/2009/07/yet-another-open-source-nx-server/#commentsThu, 16 Jul 2009 22:12:00 +0000http://blog.cafarelli.fr/?p=260Continue reading "Yet another open-source NX server!"]]>In my last post about FreeNX future, I had mentioned the efforts on a freenx-redesign branch, which seemed to have stalled.

Well, trust the guys at Google that worked on this redesign, they did not give up, and in fact publicly announced the first public release of neatx, the result of the redesign work. While still missing some of the features available in FreeNX, it does already have some original ones, like the drop-down menu for session control in rootless sessions (which is something I use a LOT when running pidgin remotely from home ). I’ll make sure to prepare an ebuild (in your favourite NX overlay first as usual) when they tag a new version (first released one has some bugs that were quickly found).

Now, you may be lost between the multiple servers (including the dead ones), considering I never blogged about tacix, a remote server using NX, but with a different approach from the ‘official’ NoMachine way (with the specifix ‘nx’ user, …), making heavy use of dbus, and with its own client. For now, it’s still in the early versions, but it has potential!

So which server will you install on your (Gentoo, but other work of course) system? Here are the ‘active’ ones:

Official NX server (net-misc/nxserver-freeedition in portage), closed-source, limited to 2 concurrent sessions, but has all the features. If you want to quickly try NX!

FreeNX (net-misc/nxserver-freenx in portage), oldest and most complete open-source version, but its development stalled. The last ebuilds in tree use the branch from the Ubuntu folks, which fixes a few bugs compared to the last upstream source. If you want a stable open-source version

X2GO (net-misc/x2goserver and x2goclient in portage, some extended parts are still in the NX overlay). Maturing fast, and worth a try. This one is brought to you thanks to Joachim Langenbach, who does most of the work on the x2go* ebuilds

And in the future:

tacix, for its simpler architecture (think x2go without postgresql,ldap and friends).

neatx, which I hope will provide a suitable replacement for freenx soon

]]>http://blog.cafarelli.fr/2009/07/yet-another-open-source-nx-server/feed/2Incoming gnustep-make parallel supporthttp://blog.cafarelli.fr/2009/03/incoming-gnustep-make-parallel-support/
Wed, 04 Mar 2009 13:11:00 +0000http://blog.cafarelli.fr/?p=258Continue reading "Incoming gnustep-make parallel support"]]>When I add gnustep-make-2.2.0 to portage, repoman (our QA and commit tool) will at last be happy, as from this version, it won’t be necessary to force -j1 make flag! This will also allow parallel make for all gnustep packages in our tree(as the gnustep eclass forces -j1). No need to sync again and again your portage tree, this version is not yet released Original announcement is here

Some other entries on my gentoo/gnustep TODO list: the Etoile packages in the gnustep overlay need some cleanup (some keywords should be dropped for example Melodie player, maybe bump llvm to 2.5, but I hope some other dev will look into it before me), and updates when 0.4.2 will be released, gnustep packages, fix AC_CANONICAL_TARGET usage found in most of gnustep-base packages (thanks Flameeyes for finding more work for us ), and filter -Werror in some of our packages (helps when switching to newer GCC for example),

]]>FreeNX futurehttp://blog.cafarelli.fr/2009/03/freenx-future/
http://blog.cafarelli.fr/2009/03/freenx-future/#commentsWed, 04 Mar 2009 12:41:00 +0000http://blog.cafarelli.fr/?p=259Continue reading "FreeNX future"]]>Hum, it’s been some time since I last blogged on these Gentoo packages I handle! Let’s catch up a bit!

There is a thread running on freenx mailing list about current lack of new commits in freenx SVN. Main developer seems to be MIA (after starting a migration to github) and freenx as it is needs to be rewritten from scratch anyway (some work had been done in a freenx-redesign branch, but it seems abandoned too now). Of course, the ideal thing would be to finally get NX natively in X.org, but that’s not for the close future

So where does this leave us? Debian/Ubuntu packagers have created a freenx team, and manage a bzr tree with more and more fixes and updates (like shadowing local X sessions and stubs for guest sessions). Once I’ve figured out how to “tag” gentoo versions from it, this will probably be the new source for freenx packages (at least until upstream resumes development)

And if you want to try an alternative GPL server, remember to try x2go from the NX overlay I have not added them to main portage tree yet, but hope to do so real soon ™

]]>http://blog.cafarelli.fr/2009/03/freenx-future/feed/5X2go ebuilds status updatehttp://blog.cafarelli.fr/2008/12/x2go-ebuilds-status-update/
Thu, 18 Dec 2008 21:34:00 +0000http://blog.cafarelli.fr/?p=261Continue reading "X2go ebuilds status update"]]>In a previous post, I spoke about new ebuilds for X2go client and server, a GPL remote desktop solution that’s based on NX technology, but in a different way compared to nxserver. With lots of help from Joachim Langenbach in bug #249600, I’m glad to say now that ebuilds in the NX overlay for both client and server work fine, and will probably moved to portage soon (ldap management ebuilds will probably wait a bit longer in the overlay, as I cannot test them for now).

For pros and cons, X2go does not need a special “nx” user on the server, you can use your ssh private key (as you log in directly as your real user), both client and server are GPL are not limited in number of connections, remote mounting of directories is easy (via sshfs/fuse), administration of the server can be done via kde control panel elements (including ldap accounts, if you use it). However x2go requires a running postgresql database on the server, does not support VNC/rdesktop proxying or shadow sessions, and some of the nice advanced features seem reserved to dedicated thin clients setups (like saving your session on a usb key, …).

Anyway, if you’re curious to try it, ‘layman -a nx’ and then emerge either x2goclient or x2goserver depending on which computer you are

]]>NX servers and clients, old and newhttp://blog.cafarelli.fr/2008/12/nx-servers-and-clients-old-and-new/
http://blog.cafarelli.fr/2008/12/nx-servers-and-clients-old-and-new/#commentsThu, 04 Dec 2008 14:07:00 +0000http://blog.cafarelli.fr/?p=262Continue reading "NX servers and clients, old and new"]]>Nomachine recently released a new major version (3.3.0), which did not introduce many new features, but fixed some bugs (some keys did not work here on my french keyboard for example), and generally feels “snappier” (in my opinion of course, test and check it for yourself ). It is available in portage for both free server edition (binary only, 2 concurrent connections), and for freenx (open-source, no connections limit).

For some time an alternative client/server from 2X has been available in portage, as net-misc/nxclient-2xterminalserver and net-misc/nxserver-2xterminalserver. Based on old NX 1.5, it provided both a GPL client (missing the > 2.0.0 NX features though) and a working server close to Nomachine one. However it never really got any updates since it was made available. Upstream closed down the website, the client needs fixes for gcc 4.3 and –as-needed, does not work well with current NX servers, the server is still based on old NX code (and is probably vulnerable to some xorg security issuse), so this is last rites time for both of them. They will still be available in the NX overlay if you need them.

Now I promised to talk about newer NX systems right? A new bug report was recently opened on x2go, a “server based computing environment” which uses NX technology but is not a clone of current nxclient/nxserver. Nice thing is everything is open-source, including the client (ebuild for it already works). Now some work is needed before there is a x2goserver package in portage, but that will certainly make a nice alternative to current NX servers available. If you already use it, don’t hesitate to come and comment on the bug!

Note to myself: I really need to write some documentation on all of these one day…

]]>http://blog.cafarelli.fr/2008/12/nx-servers-and-clients-old-and-new/feed/2Etoile 0.4 – coming soon! Window Maker 0.92.1 too :)http://blog.cafarelli.fr/2008/11/etoile-04-coming-soon-window-maker-0921-too/
http://blog.cafarelli.fr/2008/11/etoile-04-coming-soon-window-maker-0921-too/#commentsMon, 03 Nov 2008 17:45:00 +0000http://blog.cafarelli.fr/?p=257Continue reading "Etoile 0.4 – coming soon! Window Maker 0.92.1 too :)"]]>If you wander by the Etoile web site, you’ll see that Etoile 0.4 is right around the corner! Initial mail for this version detailed that “the focus for 0.4 will be frameworks, developer tools, example apps, and documentation”. So the “stable” packages list will be shorter than old 0.2 release. But don’t despair, you’ll still get updated packages, including camaelon (GNUstep theming engine)

As for ebuilds availability… I’ll update the ebuilds already in portage soon after the official release (camaelon, popplerkit, …). The Etoile ebuilds in the gnustep overlay will come later (first cause of delay will be additional requirement on LLVM, which is not in portage for now)

On the releases news front, the guys behind the Window Maker revival have made some progress too: a git repository is up, people chat on #windowmaker (Freenode), and a new bugfix release should come quickly (this will clean up the patchet currently in use in the ebuild!). After that, new features? We’ll see!

]]>http://blog.cafarelli.fr/2008/11/etoile-04-coming-soon-window-maker-0921-too/feed/6SOGo now available in the GNUstep overlay, Window Maker revival?http://blog.cafarelli.fr/2008/07/sogo-now-available-in-the-gnustep-overlay-window-maker-revival/
http://blog.cafarelli.fr/2008/07/sogo-now-available-in-the-gnustep-overlay-window-maker-revival/#commentsSun, 06 Jul 2008 13:30:00 +0000http://blog.cafarelli.fr/?p=252Continue reading "SOGo now available in the GNUstep overlay, Window Maker revival?"]]>IF you want to try another groupware server, I finally made up ebuilds for Scalable OpenGroupware.org, SOGo for short. These are available in the GNUstep overlay for now (it seems to work fine, but I lack the full server installation needed to completely test it, mostly an IMAP server with LDAP backend).

From the SOGO folks:

SOGo is a free and modern scalable groupware server. It offers shared calendars, address books and emails through your favorite Web browser or by using a native client such as Mozilla Thunderbird and Lightning. SOGo is standard-compliant and supports CalDAV, CardDAV, GroupDAV and reuses existing IMAP, SMTP and database servers – making the solution easy to deploy and interoperable with many applications.

For the curious, a demo web site is running here. Feedback appreciated of course if you try it on Gentoo

On other news, I noticed that the Window Maker web site is back up, stating:

windowmaker.info Back Online posted on 2008-06-30 09:04:16 by kairi

windowmaker.info has been brought online as of early July, 2008. We are currently working on reimplementing the site in a more modern, safe fashion, while at the same time restoring all services required for development and communication. With that said, we are working very hard to revitalize Window Maker’s presence on X Window (and perhaps beyond) desktops. With this new focus, we can now truly assert that Window Maker will be resuming active development very soon. We expect to once again provide the de-facto minimalist yet extremely functional window manager to the world.

This has been my main window manager since… well a loooong time, I’m crossing fingers and hoping it will really come back from the dead projects world!

]]>http://blog.cafarelli.fr/2008/07/sogo-now-available-in-the-gnustep-overlay-window-maker-revival/feed/1New gnustep base released (base 1.16, gui 0.14)http://blog.cafarelli.fr/2008/06/new-gnustep-base-released-base-116-gui-014/
Mon, 16 Jun 2008 13:02:00 +0000http://blog.cafarelli.fr/?p=234Continue reading "New gnustep base released (base 1.16, gui 0.14)"]]>It’s been more than a year since the last gnustep major release, and while unstable packages were available in portage, I kept them in package.mask (revdep rebuild needed for every single gnustep application, API changes, …). But that meant new applications updates (gorm for example) had to be kept under p.mask too, as they required the unstable versions).

Now the new stable release is finally here, I’ll unmask it soon (just checking most application still compile). Be warned though, that both gnustep-base and gnustep-gui will force you to run revdep-rebuild. Maybe it’s time to test the new and shiny cairo backend!